Snort mailing list archives
Re: Install Snort2.9.2.3 and Snortsam
From: kay <kay.diam () gmail com>
Date: Thu, 12 Jul 2012 08:55:13 +0400
Dear Tran, Snort should be configured to write unified2 logs, i.e. output alert_unified2: filename snort.alert, limit 128, nostamp Barnyard2 1.10 should be configured to read unified2 logs, i.e.: input unified2 And output to snortsam plugin. You can find examples here https://github.com/firnsy/barnyard2/blob/master/doc/README.snortsam And you should start barnyard2 by the following command line: barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort -f snort.alert -w /var/log/snort/snort.waldo # use -D to daemonize 2012/7/12 Tran M. Thang <tmthang () vncert vn>:
Dir Sir, Thanks you for your suggestion. I tried installing Snort2.9.2.2 and using snortsam-2.9.2.2.diff but i got the same problems. Could you please tell me how to use barnyard2 associating with snortsam. Thanks. ----- Original Message ----- From: "kay" <kay.diam () gmail com> To: snort-users () lists sourceforge net Sent: Thursday, July 12, 2012 1:00:38 AM Subject: Re: [Snort-users] Install Snort2.9.2.3 and Snortsam Why don't you use barnyard2 with the default snortsam output plugin? And you are trying to install snortsam patch which was made for 2.9.2.2 on Snort 2.9.2.3, it is not a good idea. 2012/7/12 Tran M. Thang <tmthang () vncert vn>:Hi everyone! Any one can help me to install snort2.9.2.3 and plugin snortsam? After path snort using snortsam-2.9.2.2.diff, and using command ./configure --enable-sourcefire, i get error: ./configure: line 16277: syntax error near unexpected token `RAZORBACK,' ./configure: line 16277: ` PKG_CHECK_MODULES(RAZORBACK, razorback >= 0.1.3, , LRZB=no)' So, please help me to solve it. Thanks ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Install Snort2.9.2.3 and Snortsam Tran M. Thang (Jul 11)
- Re: Install Snort2.9.2.3 and Snortsam kay (Jul 11)
- Message not available
- Re: Install Snort2.9.2.3 and Snortsam kay (Jul 11)
- Message not available
- Re: Install Snort2.9.2.3 and Snortsam kay (Jul 11)